Microsoft Monthly Security Update (July 2021)

Microsoft has released monthly security update for their products:

Vulnerable Product	Risk Level	Impacts	Notes
Windows	Extremely High Risk	Denial of Service Remote Code Execution Elevation of Privilege Security Restriction Bypass Information Disclosure Spoofing	Exploit in the wild CVE-2021-34527 CVE-2021-34448 CVE-2021-33771 CVE-2021-31979
Extended Security Updates (ESU)	Extremely High Risk	Denial of Service Security Restriction Bypass Spoofing Remote Code Execution Information Disclosure Elevation of Privilege	Exploit in the wild CVE-2021-34527 CVE-2021-34448 CVE-2021-33771 CVE-2021-31979
Exchange Server	High Risk	Remote Code Execution Elevation of Privilege Information Disclosure	[Updated 11-August-2021] ProxyShell vulnerabilities for CVE-2021-34473 (patch released in July), CVE-2021-34523 (patch released in July) and CVE-2021-31207 (patch released in May) are being actively scanned by threat actors
SQL Server	Medium Risk	Remote Code Execution
Apps	Low Risk	Spoofing
Developer Tools	Medium Risk	Elevation of Privilege Remote Code Execution Spoofing
Microsoft Office	Medium Risk	Remote Code Execution Information Disclosure Security Restriction Bypass Spoofing
Microsoft Dynamics	Medium Risk	Remote Code Execution
System Center	Medium Risk	Remote Code Execution

Number of 'Extremely High Risk' product(s): 2

Number of 'High Risk' product(s): 1

Number of 'Medium Risk' product(s): 5

Number of 'Low Risk' product(s): 1

Evaluation of overall 'Risk Level': Extremely High Risk

[Updated 11-August-2021] ProxyShell vulnerabilities for CVE-2021-34473 (patch released in July), CVE-2021-34523 (patch released in July) and CVE-2021-31207 (patch released in May) are being actively scanned by threat actors. Risk level of Exchange Server has been escalated to high risk.